diff --git a/templates/docker-compose.jitsi.yml.j2 b/templates/docker-compose.jitsi.yml.j2
index f2d68ae..3277c95 100644
--- a/templates/docker-compose.jitsi.yml.j2
+++ b/templates/docker-compose.jitsi.yml.j2
@@ -84,22 +84,22 @@ services:
             - XMPP_MUC_DOMAIN
             - XMPP_RECORDER_DOMAIN
         labels:
-              - "traefik.enable=true"
-              - "traefik.docker.network=traefik_public"
-              - "traefik.http.routers.jitsi.rule=Host(`{{ jitsi_virtual_host }}`)"
-              - "traefik.http.routers.jitsi.entrypoints=websecure"
-              - "traefik.http.routers.jitsi.tls=true"
-              - "traefik.http.routers.jitsi.tls.certresolver=defaultresolver"
-              - "traefik.http.middlewares.jitsi-headers.headers.SSLRedirect=true"
-              - "traefik.http.middlewares.jitsi-headers.headers.browserXSSFilter=true"
-              - "traefik.http.middlewares.jitsi-headers.headers.contentTypeNosniff=true"
-              - "traefik.http.middlewares.jitsi-headers.headers.forceSTSHeader=true"
-              - "traefik.http.middlewares.jitsi-headers.headers.STSSeconds=315360000"
-              - "traefik.http.middlewares.jitsi-headers.headers.STSIncludeSubdomains=true"
-              - "traefik.http.middlewares.jitsi-headers.headers.STSPreload=true"
-              - "traefik.http.middlewares.jitsi-headers.headers.featurePolicy=geolocation 'none'; payment 'none'"
-              - "traefik.http.middlewares.jitsi-headers.headers.contentSecurityPolicy=default-src 'self'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'self'; object-src 'none'; base-uri 'none'; frame-ancestors 'none'; form-action 'none'; block-all-mixed-content"
-              - "traefik.http.routers.jitsi.middlewares=jitsi-headers"
+            traefik.enable: true
+            traefik.docker.network: traefik_public
+            traefik.http.routers.jitsi.rule: Host(`{{ jitsi_virtual_host }}`)
+            traefik.http.routers.jitsi.entrypoints: websecure
+            traefik.http.routers.jitsi.tls: true
+            traefik.http.routers.jitsi.tls.certresolver: defaultresolver
+            traefik.http.middlewares.jitsi-headers.headers.SSLRedirect: true
+            traefik.http.middlewares.jitsi-headers.headers.browserXSSFilter: true
+            traefik.http.middlewares.jitsi-headers.headers.contentTypeNosniff: true
+            traefik.http.middlewares.jitsi-headers.headers.forceSTSHeader: true
+            traefik.http.middlewares.jitsi-headers.headers.STSSeconds: 315360000
+            traefik.http.middlewares.jitsi-headers.headers.STSIncludeSubdomains: true
+            traefik.http.middlewares.jitsi-headers.headers.STSPreload: true
+            traefik.http.middlewares.jitsi-headers.headers.featurePolicy: geolocation 'none'; payment 'none'
+            traefik.http.middlewares.jitsi-headers.headers.contentSecurityPolicy: default-src 'self'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'self'; object-src 'none'; base-uri 'none'; frame-ancestors 'none'; form-action 'none'; block-all-mixed-content
+            traefik.http.routers.jitsi.middlewares: jitsi-headers
         networks:
             public:
             meet.jitsi: